Results 1 to 4 of 4

Thread: Need Help with page redirection...

  1. Wink Need Help with page redirection...


    Basically here is the problem:

    I have a list of links on a site called http://, say 400.

    When someone clicks on a link they go to http:// to

    That page will then redirect to http://link to via

    <meta http-equiv="refresh" content="5;url=url=.../>

    The problem is what do I put between url= and /> ?

  2. #2
    The way you propose is 1. harder to validate. 2. Someone could stick a cross site scripting attack in the url like redirect.php?<script>alert('xss');</script> . Your also missing an extra part of the query. You will need some thing for $_GET so maby use ?url=

    so redirect.php?url=

    Then could get the url by doing

    PHP Code:
    $toRedirect $_GET['url'];
    "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"3;URL={$toRedirect}\">"

    But also you would have to validate it.. which is the hard part and I cannot think of anything at the moment quickly that would validate that.

    Better to use an Integer for the $_GET. like redirect.php?id=1 . Then in your mysql query you can get the url by the example code below, Assuming in your mysql database table there is a field called "url" that has url like "" and also an auto_incrementing field called "id".

    Btw this code could have syntax error. I didn't run it. I just wrote it off the top of my head while posting this.
    PHP Code:
    // If ?id= is set is only a integer.
    if(!empty($_GET['id']) && is_numeric($_GET['id'])) {
    $id $_GET['id'];

    $sql = array();
    $link mysql_connect('localhost''database_user''database_password') or die('Could not connect: ' mysql_error());
    $db_selected mysql_select_db('database_name',$link) or die(mysql_error());
    sql mysql_query('SELECT * FROM url_table WHERE id={$id}') or die("oops");
    $toRedirect mysql_fetch_assoc($sql);

    // If id does not exist
    if(!toRedirect) {
    header('HTTP/1.0 404 Not Found');
    'Not Found');


    "<meta http-equiv=\"refresh\" content=\"5;url={$toRedirect['url']}\"/>"
    "</head><body><h1>You being redirected to"
    "<a href=\"{$toRedirect['url']}\">{$toRedirect['url']}</a>"
    Of course there is many other things you could do like count hits to the link.
    Submit new proxies -

  3. Hmm, I can't do that since I don't have the id table.

    Is there anyway in which I can just get the text after the '?' and redirect to that page ?

    EDIT: Thanks Keldorn, I used your script and it's now working, i am also able to count the hits using some other snippets of code

    If you look at WebEvader, every site which is not a premium listing and is clicked on goes to a loading page where it is then redirected...

  4. #4
    Like I said you have to validate it.

    Put this url into your browser..

    Crafting that even more I could steal the cookies off your forum members by having them click and then hijack their profiles.
    For this case a good strip_tags(); might work

    PHP Code:
    $toRedirect strip_tags($_GET['id']); 
    It also opens up your site to being a free spam relay.

    Submit new proxies -

Similar Threads

  1. [WTT] Proxy List Submission Page / Home Page Trade
    By vectro in forum Links
    Replies: 2
    Last Post: 8 December, 2010, 05:13 AM
  2. Replies: 0
    Last Post: 29 April, 2010, 11:26 AM
  3. help with htaccess redirection
    By MeetHere in forum Programming
    Replies: 10
    Last Post: 18 October, 2009, 17:01 PM
  4. How to avoid blogger redirection window?
    By hendricius in forum Blogging
    Replies: 4
    Last Post: 31 August, 2009, 07:29 AM
  5. Need help with redirection...
    By WebEvader in forum Programming
    Replies: 5
    Last Post: 30 August, 2009, 21:05 PM

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts